Welcome to This Week’s [in]Security. PCI and payments: PCI updates, Skimmers, Carders, Payments, Training & events. New breaches, New Ransomware: insurance, decryptor, 49ers, Swissport. Major outages: Vodaphone. Follow-ups & Fall-out: IHS, Inmediata. Privacy: CIA, Canada, health sites, ID.me, AirTags. Laws & Regs - Canada: Bills C-11 & S-210. US: EARN IT, Facebook, Ohio. World: Cambridge, EU data sharing, Google Analytics, Consent spam, QWACs, Israel, Hacking Jamaica. Standards: NIST. Defense: 2FA, data retention liability, Shift-Left, trust, IoT audit, AI, Multiple Microsoft, deniable data! Vulnerabilities, Zerodays: Project Zero, Apple, Other Vulnerabilities: metrics, supply chains, Mozilla, PHP/Wordpress, Mazda, Bounties. Patching: 3 CISA alerts, android, Windows, SAP. Adobe, ECC vs quantum crypto. Cybercrime: Trends: IOCs, Modified Elephant, old tactics, Nation States and mercenaries. Crime & Enforcement; $4.5B, SIMs. romance, Other Risks: Spycraft, Chip errors, Chinese tech, Blockchain myths, Disinformation, Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Learned; Covid Compliance. Innovation and more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

• New PCI Documents:

  • Participating Organization Name Change Application https://www.pcisecuritystandards.org/documents/Participating_Organization_Simple_Name_Change_Form_ext.pdf

• Payment skimmers/malware/fraud:

  • Hundreds of e-commerce sites booby-trapped with payment card skimming malware https://arstechnica.com/information-technology/2022/02/hundreds-of-e-commerce-sites-booby-trapped-with-payment-card-skimming-malware/
  • Critical Magento 0-Day Vulnerability Under Active Exploitation — Patch Released https://thehackernews.com/2022/02/critical-magento-0-day-vulnerability.html
  • Russia arrests third hacking group, seizes carding forums https://www.bleepingcomputer.com/news/security/russia-arrests-third-hacking-group-seizes-carding-forums/
  • Russian Govt. Continues Carding Shop Crackdown https://krebsonsecurity.com/2022/02/russian-govt-continues-carding-shop-crackdown/

• Other payment related:

  • The Death of Cash https://www.businessinsider.com/2-11-2022-death-of-cash-report
  • TSYS On Fraud-Fighting FinTech Trends In 2022 And Beyond https://www.pymnts.com/fraud-prevention/2022/tsys-on-fraud-fighting-fintech-trends-in-2022-and-beyond/

• Educational events, webinars, courses, etc:

  • Online CISSP Exam Coming Soon https://blog.isc2.org/isc2_blog/2022/02/online-cissp-exam-coming-soon.html

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• New Breaches:

  • Data Breaches Remain a Nettlesome Problem, Especially for U.S. Companies https://www.digitaltransactions.net/%ef%bf%bcdata-breaches-remain-a-nettlesome-problem-especially-for-u-s-companies/
  • Puma hit by data breach after Kronos ransomware attack https://www.bleepingcomputer.com/news/security/puma-hit-by-data-breach-after-kronos-ransomware-attack/
  • Ransomware crew dumps stolen Optionis files online https://www.theregister.com/2022/02/11/optionis_stolen_data/
  • National Math and Science Initiative notifies more than 190,000 of data security incident https://www.databreaches.net/national-math-and-science-initiative-notifies-more-than-190000-of-data-security-incident/
  • HK: Harbour Plaza Hotel customers warned over data leak https://www.databreaches.net/hk-harbour-plaza-hotel-customers-warned-over-data-leak/
  • Illinois Housing Development Authority addresses data breach https://www.databreaches.net/illinois-housing-development-authority-addresses-data-breach/
  • Information for over 6,000 Memorial Hermann patients accessed in business associate's security breach https://www.databreaches.net/information-for-over-6000-memorial-hermann-patients-accessed-in-business-associates-security-breach/
  • Military sexual misconduct class action members' details accidentally released https://globalnews.ca/news/8607889/military-sexual-misconduct-class-action-privacy-breach/
  • DPD Group parcel tracking flaw may have exposed customer data https://www.bleepingcomputer.com/news/security/dpd-group-parcel-tracking-flaw-may-have-exposed-customer-data/

• New Ransomware and "Incidents":

  • Law Enforcement Blowback, Cyber Insurance Renewals Powering Anti-Ransomware Success https://www.securityweek.com/law-enforcement-blowback-cyber-insurance-renewals-powering-anti-ransomware-success
  • Ransomware Reaches Beyond Money With More Sinister Goals https://www.pymnts.com/cybersecurity/2022/ransomware-reaches-beyond-money-with-more-sinister-goals/
  • Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares https://threatpost.com/decryptor-keys-maze-egregor-sekhmet-ransomwares/178363/
  • San Francisco 49ers confirm ransomware attack https://www.databreaches.net/san-francisco-49ers-confirm-ransomware-attack/
  • Swissport ransomware attack leads to flight delays https://www.databreaches.net/swissport-ransomware-attack-leads-to-flight-delays/

• Major outages/downs:

  • UK Foreign Office target of 'serious cyber incident' https://www.bbc.co.uk/news/technology-60309335
  • Cyberattack brings down Vodafone Portugal mobile, voice, and TV services https://www.databreaches.net/cyberattack-brings-down-vodafone-portugal-mobile-voice-and-tv-services/

• Follow-ups and fall-out:

  • On the Irish Health Services Executive Hack https://www.schneier.com/blog/archives/2022/02/on-the-irish-health-services-executive-hack.html
  • Inmediata Data Breach $1.1M Class Action Settlement https://www.databreaches.net/inmediata-data-breach-1-1m-class-action-settlement/

Privacy

Articles about privacy related news, risks, and trends.

• Senators: CIA Has Secret Program That Collects American Data https://www.securityweek.com/senators-cia-has-secret-program-collects-american-data
• We Need Answers About the CIA's Mass Surveillance https://www.eff.org/deeplinks/2022/02/we-need-answers-about-cias-mass-surveillance
• Privacy commissioner: Few realized the government was tracking their pandemic movements https://nationalpost.com/news/politics/privacy-commissioner-public-health-agency-of-canada-cellphone-location-data
• Health sites let ads track visitors without telling them https://arstechnica.com/information-technology/2022/02/health-sites-let-ads-track-visitors-without-telling-them/
• IRS To Ditch Biometric Requirement for Online Access https://krebsonsecurity.com/2022/02/irs-to-ditch-biometric-requirement-for-online-access/
• Victory! ID.me to Drop Facial Recognition Requirement for Government Services https://www.eff.org/deeplinks/2022/02/victory-irs-wont-require-facial-recognition-idme
• Feds are still using ID.me to scan your face — and human reviewers can't keep up https://www.theverge.com/2022/2/11/22928082/id-me-irs-facial-recognition-overworked-employees
• Are You Being Tracked by an AirTag? Here's How to Check https://www.wired.com/story/how-to-find-airtags
• I Used Apple AirTags, Tiles and a GPS Tracker to Watch My Husband's Every Move https://www.nytimes.com/2022/02/11/technology/airtags-gps-surveillance.html
• Google's Privacy Sandbox ad-tracking overhaul clears major regulatory hurdle https://www.theverge.com/2022/2/11/22814204/google-chrome-third-party-cookies-privacy-sandbox-uk-competition-and-markets-authority-regulator

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

• Canada:

  • The Law Bytes Podcast, Episode 116: Is This Podcast a Program Subject to CRTC Regulation Under Bill C-11? https://www.michaelgeist.ca/2022/02/law-bytes-podcast-episode-116/
  • Bill C-11's Foundational Faults, Part One: The Nearly Unlimited Global Reach of CRTC Jurisdiction Over Internet Audio-Visual Services https://www.michaelgeist.ca/2022/02/bill-c-11s-foundational-faults-part-one-the-nearly-unlimited-global-reach-of-crtc-jurisdiction-over-internet-audio-visual-services/
  • Age Verification Requirements for Twitter or Website Blocking for Reddit?: My Appearance on Bill S-210 at the Senate Standing Committee on Legal and Constitutional Affairs https://www.michaelgeist.ca/2022/02/age-verification-requirements-for-twitter-or-website-blocking-for-reddit-my-appearance-on-bill-s-210-at-the-senate-standing-committee-on-legal-and-constitutional-affairs/

• US:

  • If EARN IT Passes, What Happens On Your iPhone Won't Stay On Your iPhone https://www.eff.org/deeplinks/2022/02/if-earn-it-passes-what-happens-your-iphone-wont-stay-your-iphone
  • Key Senators Have Voted For The Anti-Encryption EARN IT Act https://www.eff.org/deeplinks/2022/02/key-senators-have-voted-anti-encryption-earn-it-act
  • New algorithm bill could force Facebook to change how the news feed works https://www.theverge.com/2022/2/10/22927472/klobuchar-lummis-algorithm-bill-section-230-misinformation-teenager-mental-health
  • Robots Have No Place Filtering Creative Content, EFF Tells U.S. Copyright Office https://www.eff.org/deeplinks/2022/02/robots-have-no-place-filtering-creative-content-eff-tells-us-copyright-office
  • Ohio: Don't Give Big Tech a Pass On Privacy https://www.eff.org/deeplinks/2022/02/ohio-dont-give-big-tech-pass-privacy

• World:

  • Facebook appeal over Cambridge Analytica data rejected by Australian court as ‘divorced from reality' https://www.theguardian.com/technology/2022/feb/07/facebook-appeal-over-cambridge-analytica-data-rejected-by-australian-court-as-divorced-from-reality
  • Meta warns it could pull Instagram and Facebook in Europe if it loses a data-sharing ruling https://www.businessinsider.com/meta-could-pull-instagram-facebook-europe-data-sharing-ruling-2022-2
  • France Rules That Using Google Analytics Violates GDPR Data Protection Law https://thehackernews.com/2022/02/france-rules-that-using-google.html
  • Demand to global brand CEOs: stop unlawful consent spam and delete the data https://www.iccl.ie/news/demand-to-ceos-of-worlds-biggest-advertisers-stop-unlawful-consent-spam-and-delete-the-data/
  • What the Duck? Why an EU Proposal to Require "QWACs" Will Hurt Internet Security https://www.eff.org/deeplinks/2022/02/what-duck-why-eu-proposal-require-qwacs-will-hurt-internet-security
  • NSO Group: Israel launches inquiry into police hacking claims https://www.bbc.co.uk/news/world-middle-east-60287161
  • Ethical hackers face tough sanction under Jamaican law https://www.databreaches.net/ethical-hackers-face-tough-sanction-under-jamaican-law/

• Standards News:

  • NIST has published NISTIR 8286B, Prioritizing Cybersecurity Risk for Enterprise Risk Management https://csrc.nist.gov/publications/detail/nistir/8286b/final and https://csrc.nist.gov/publications/detail/nistir/8286c/draft
  • CMVP Validation Authority Updates: Second Drafts of NIST SP 800-140C/D Rev. 1 Available for Comment through March 25 https://csrc.nist.gov/publications/detail/sp/800-140c/rev-1/draft and https://csrc.nist.gov/publications/detail/sp/800-140d/rev-1/draft

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• Google account hacks dropped by half after pushing two-step authentication by default https://www.theverge.com/2022/2/8/22923618/google-account-hacks-dropped-half-two-step-authentication
• T'Mobile: Deleting Stale Data Reduces Liability https://freedom-to-tinker.com/2022/02/10/tmobile-deleting-stale-data-reduces-liability/
• What is Shift-Left Testing and What are the Benefits? https://www.imperva.com/blog/what-is-shift-left-testing-and-what-are-the-benefits/
• One way to fight the pandemic? Build trust in the government and each other https://www.npr.org/2022/02/06/1078634141/one-way-to-fight-the-pandemic-build-trust-in-the-government-and-each-other
• IoT/connected Device Discovery and Security Auditing in Corporate Networks https://thehackernews.com/2022/02/iotconnected-device-discovery-and.html
• Putting AI to Practical Use in Cybersecurity https://www.darkreading.com/emerging-tech/putting-ai-to-practical-use-in-cybersecurity
• When Multifactor Authentication Is Compromised: Fighting Back With AI https://www.darkreading.com/dr-tech/when-multifactor-authentication-is-compromised-fighting-back-with-ai
• Google Cloud Gets Virtual Machine Threat Detection https://www.securityweek.com/google-cloud-gets-virtual-machine-threat-detection
• What's Next in Security from Microsoft https://www.microsoft.com/security/blog/2022/02/10/whats-next-in-security-from-microsoft/
• Microsoft to block downloaded VBA macros in Office – you may be able to run 'em anyway https://www.theregister.com/2022/02/08/microsoft_office_default_macro_block/
• Microsoft starts killing off WMIC in Windows, will thwart attacks https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-killing-off-wmic-in-windows-will-thwart-attacks/
• Detect active network reconnaissance with Microsoft Defender for Endpoint https://www.microsoft.com/security/blog/2022/02/07/detect-active-network-reconnaissance-with-microsoft-defender-for-endpoint/
• Microsoft is making it harder to steal Windows passwords from memory https://www.bleepingcomputer.com/news/microsoft/microsoft-is-making-it-harder-to-steal-windows-passwords-from-memory/
• Bunnie Huang's Plausibly Deniable Database https://www.schneier.com/blog/archives/2022/02/bunnie-huangs-plausibly-deniable-database.html

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Other Zero-day news:

  • Google Project Zero: Vendors are now quicker at fixing zero-days https://www.bleepingcomputer.com/news/security/google-project-zero-vendors-are-now-quicker-at-fixing-zero-days/
  • Apple Patches Actively Exploited WebKit Zero Day https://packetstormsecurity.com/news/view/33095/Apple-Patches-Actively-Exploited-WebKit-Zero-Day.html
  • Apple emits emergency fix for exploited-in-the-wild WebKit vulnerability https://www.theregister.com/2022/02/11/apple_emergency_webkit/

• Other Vulnerabilities:

  • Vulnerabilities (metrics) don’t count https://www.csoonline.com/article/3648997/vulnerabilities-dont-count.html
  • DtSR Episode 487 - Software Supply Chain is a BFD http://podcast.wh1t3rabbit.net/dtsr-episode-487-software-supply-chain-is-a-bfd
  • Mozilla fixes Firefox bug letting you get Windows admin privileges https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-bug-letting-you-get-windows-admin-privileges/
  • Critical Code Execution Flaws Patched in 'PHP Everywhere' WordPress Plugin https://www.securityweek.com/critical-code-execution-flaws-patched-php-everywhere-wordpress-plugin
  • Critical Flaws Expose Mimosa Wireless Broadband Devices to Remote Attacks https://www.securityweek.com/critical-flaws-expose-mimosa-wireless-broadband-devices-remote-attacks
  • Mazda head units are getting bricked by a local NPR station in Seattle https://www.theverge.com/2022/2/9/22925619/mazda-head-units-bricked-npr-seattle-need-ota-updates
  • Google Paid Out $8.7 Million in Bug Bounty Rewards in 2021 https://www.securityweek.com/google-paid-out-87-million-bug-bounty-rewards-2021
  • ExpressVPN offering $100,000 to first person who hacks its servers https://www.bleepingcomputer.com/news/security/expressvpn-offering-100-000-to-first-person-who-hacks-its-servers/

• Patching:

  • CISA Orders Federal Agencies to Fix Actively Exploited Windows Bug https://threatpost.com/cisa-orders-federal-agencies-to-fix-actively-exploited-windows-bug/178270/
  • CISA orders federal agencies to update iPhones, Macs until Feb 25th https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-update-iphones-macs-until-feb-25th/
  • CISA urges orgs to patch actively exploited Windows SeriousSAM bug https://www.bleepingcomputer.com/news/security/cisa-urges-orgs-to-patch-actively-exploited-windows-serioussam-bug/
  • Google fixes remote escalation of privileges bug on Android https://www.bleepingcomputer.com/news/security/google-fixes-remote-escalation-of-privileges-bug-on-android/
  • Microsoft Patch Tuesday, February 2022 Edition https://krebsonsecurity.com/2022/02/microsoft-patch-tuesday-february-2022-edition/
  • SAP Patches Severe ‘ICMAD' Bugs https://threatpost.com/sap-patches-severe-icmad-bugs/178344/
  • Adobe Patches 13 Vulnerabilities in Illustrator https://www.securityweek.com/adobe-patches-13-vulnerabilities-illustrator
  • Log4j: Getting From Stopgap Remedies to Long-Term Solutions https://www.darkreading.com/attacks-breaches/log4j-getting-from-stopgap-remedies-to-long-term-solutions
  • Breaking 256-bit Elliptic Curve Encryption with a Quantum Computer (no time soon) https://www.schneier.com/blog/archives/2022/02/breaking-245-bit-elliptic-curve-encryption-with-a-quantum-computer.html

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• Trends, Alerts, and Events (other than major breaches):

  • FBI Publishes IOCs for LockBit 2.0 Ransomware Attacks https://www.securityweek.com/fbi-publishes-iocs-lockbit-20-ransomware-attacks
  • CISA Says 'HiveNightmare' Windows Vulnerability Exploited in Attacks https://www.securityweek.com/cisa-says-hivenightmare-windows-vulnerability-exploited-attacks
  • Hacking group 'ModifiedElephant' evaded discovery for a decade https://www.bleepingcomputer.com/news/security/hacking-group-modifiedelephant-evaded-discovery-for-a-decade/
  • Hackers Planted Fake Digital Evidence on Devices of Indian Activists and Lawyers https://thehackernews.com/2022/02/hackers-planted-fake-digital-evidence.html
  • Threat Actors Revive 20-Year-Old Tactic in Microsoft 365 Phishing Attacks https://www.darkreading.com/attacks-breaches/threat-actors-revive-20-year-old-tactic-in-microsoft-365-phishing-attacks
  • Qbot needs only 30 minutes to steal your credentials, emails https://www.bleepingcomputer.com/news/security/qbot-needs-only-30-minutes-to-steal-your-credentials-emails/
  • An Insidious Mac Malware Is Growing More Sophisticated https://www.wired.com/story/mac-malware-growing-more-sophisticated
  • 'Roaming Mantis' Android Malware Targeting Europeans via Smishing Campaigns https://thehackernews.com/2022/02/roaming-mantis-android-malware.html
  • Medusa malware ramps up Android SMS phishing attacks https://www.bleepingcomputer.com/news/security/medusa-malware-ramps-up-android-sms-phishing-attacks/
  • Kimsuki hackers use commodity RATs with custom Gold Dragon malware https://www.bleepingcomputer.com/news/security/kimsuki-hackers-use-commodity-rats-with-custom-gold-dragon-malware/
  • Example of Cobalt Strike from Emotet infection, (Wed, Feb 9th) https://isc.sans.edu/diary/rss/28318

• Nation State Actors:

  • QuaDream, 2nd Israeli Spyware Firm, Weaponizes iPhone Bug https://threatpost.com/quadream-israeli-spyware-weaponized-iphone-bug/178252/
  • China Suspected of News Corp Cyberespionage Attack https://threatpost.com/china-suspected-news-corp-cyberespionage/178277/
  • Russian APT Hackers Used COVID-19 Lures to Target European Diplomats https://thehackernews.com/2022/02/russian-apt-hackers-used-covid-19-lures.html
  • Russian APT Steps Up Malicious Cyber Activity in Ukraine https://www.darkreading.com/attacks-breaches/russian-apt-steps-up-malicious-activity-in-ukraine
  • Lazarus hackers target defense industry with fake Lockheed Martin job offers https://www.zdnet.com/article/lazarus-hackers-target-defense-industry-with-fake-lockheed-martin-job-offers
  • Palestine-Aligned Hackers Use New NimbleMamba Implant in Recent Attacks https://thehackernews.com/2022/02/palestinian-hackers-using-new.html

• Crime & Arrests, etc.:

  • Crypto Networks Connected to Increase in Reported Fraud https://www.pymnts.com/cryptocurrency/2022/crypto-networks-connected-increase-reported-fraud/
  • FBI seizes $3.6bn in Bitcoin after New York 'tech couple' arrested over Bitfinex robbery https://www.theregister.com/2022/02/08/bitfinex_arrests_cryptocurrency/
  • The counterfeit NFT problem is only getting worse https://www.theverge.com/22905295/counterfeit-nft-artist-ripoffs-opensea-deviantart
  • Two Arrested for Alleged Conspiracy to Launder $4.5 Billion in Cryptocurrency Stolen from Bitifinex in 2016 https://www.databreaches.net/two-arrested-for-alleged-conspiracy-to-launder-4-5-billion-in-cryptocurrency-stolen-from-bitifinex-in-2016/
  • FBI Received 1,600 SIM Swapping Complaints in 2021 https://www.securityweek.com/fbi-received-1600-sim-swapping-complaints-2021
  • Sharp SIM-Swapping Spike Causes $68M In Losses https://packetstormsecurity.com/news/view/33098/Sharp-SIM-Swapping-Spike-Causes-68M-In-Losses.html
  • Spanish police arrest suspects in SIM-swapping ring https://www.zdnet.com/article/spanish-police-arrest-suspects-in-sim-swapping-ring
  • $1.3 billion lost to romance scams in the past five years: FTC https://www.zdnet.com/article/1-3-billion-lost-to-romance-scams-in-the-past-five-years-ftc
  • Canadian Netwalker ransomware crook pleads guilty to million-dollar crimes https://www.theregister.com/2022/02/08/netwalker_ransomware_jailed/
  • Canadian Hacker Bowser Sentenced To Three Years In Jail For Crimes Against Nintendo https://www.databreaches.net/canadian-hacker-bowser-sentenced-to-three-years-in-jail-for-crimes-against-nintendo/
  • Secret Service: Home Depot Worker Swapped $388K Cash with Fake Bills https://www.pymnts.com/news/security-and-risk/2022/secret-service-home-depot-worker-swapped-388k-cash-with-fake-bills/
  • Hacker Who Sold Pirated Video Games Gets More Than 3 Years in Prison https://www.nytimes.com/2022/02/10/technology/nintendo-hacker-gary-bowser.html

Other Security / Risk

Articles covering other types of risks.

• Amy Zegart on Spycraft in the Internet Age https://www.schneier.com/blog/archives/2022/02/amy-zegart-on-spycraft-in-the-internet-age.html
• Chip Errors Are Becoming More Common and Harder to Track Down https://www.nytimes.com/2022/02/07/technology/computer-chips-errors.html
• America's Chinese Tech Conundrum https://www.nytimes.com/2022/02/08/technology/china-us-tech-policy.html
• Debunking 4 Myths About Blockchain https://www.pymnts.com/blockchain/2022/debunking-4-myths-about-blockchain/
• Cryptocurrency Is Funding Ukraine's Defense—and Its Hacktivists https://www.wired.com/story/ukraine-russia-cryptocurrency-donations-hacktivism
• Sports Betting Is Ruining More Than Your Bank Account https://www.theatlantic.com/technology/archive/2022/02/sports-betting-super-bowl/622058/
• 23 Obsolete (Or Nearly Obsolete) Jobs https://www.mentalfloss.com/article/649701/obsolete-jobs

• Disinformation and misinformation

  • What's the Harm in Medical Misinformation? https://www.theatlantic.com/newsletters/archive/2022/02/whats-the-harm-in-medical-misinformation/622072/
  • The Einstein Effect: People Trust Nonsense More if They Think a Scientist Said It https://www.sciencealert.com/the-einstein-effect-people-trust-nonsense-from-scientists-more-than-spiritual-gurus

• Health, Safety & Environment:

  • No time to exercise? What about THREE SECONDS a day? https://scienmag.com/no-time-to-exercise-what-about-three-seconds-a-day/
  • Supercomputer helps Canadian researcher uncover thousands of viruses that could cause human diseases https://www.cbc.ca/news/health/supercomputer-virus-study-disease-1.6345158
  • HIV incidence rising steeply among people who inject drugs in Tijuana https://scienmag.com/hiv-incidence-rising-steeply-among-people-who-inject-drugs-in-tijuana/
  • Scientists Think They've Unlocked The Secret of Long-Term Lyme Disease Symptoms https://www.sciencealert.com/dead-bacteria-bits-may-be-behind-long-lyme-disease-symptoms
  • Black Death mortality not as widespread as long thought https://scienmag.com/black-death-mortality-not-as-widespread-as-long-thought/
  • We May Finally Know Where Ebola Hides in The Brain to Emerge Years Later https://www.sciencealert.com/ebola-can-avoid-the-immune-system-for-years-and-primate-brains-reveal-its-hideout
  • Two years into COVID, mental health service access still a problem https://globalnews.ca/news/8600197/covid-mental-health-service-access-problem/
  • Spinal Implant Enables Paralyzed Man With Severed Spine to Walk Again https://www.sciencealert.com/implant-allows-man-with-severed-spine-to-walk-again
  • How gold nanoparticles can be used to quickly test drinking water for bacteria https://www.cbc.ca/news/canada/nova-scotia/st-fx-researchers-develop-test-to-find-bacteria-in-water-1.6340681
  • He Donated His Kidney and Received a $13,064 Bill in Return https://www.propublica.org/article/he-was-charged-13-064-for-donating-his-kidney
  • Could Astronauts Hibernate on Long Space Voyages? https://www.universetoday.com/154382/could-astronauts-hibernate-on-long-space-voyages/
  • SSD prices could spike after Western Digital loses 6.5 billion gigabytes of NAND chips https://www.theverge.com/2022/2/11/22928867/western-digital-nand-flash-storage-contamination
  • Ontario housing task force recommends ways to boost supply https://toronto.ctvnews.ca/ontario-housing-task-force-recommends-ways-to-boost-supply-1.5772386
  • Austria on high alert after series of deadly avalanches https://www.bbc.co.uk/news/world-europe-60287621
  • US nuclear power plants contain dangerous counterfeit parts, report finds https://www.theverge.com/2022/2/11/22929255/us-nuclear-power-plants-dangerous-counterfeit-parts-nrc-report
  • Western Australia bushfires threaten lives after record summer heat https://www.bbc.co.uk/news/world-australia-60285018
  • The Most Extreme 'Rogue Wave' on Record Was Just Confirmed in The North Pacific https://www.sciencealert.com/a-rogue-wave-four-stories-high-is-the-largest-on-record
  • Toronto is getting the largest solar power generating wall in North America https://www.blogto.com/city/2022/02/toronto-getting-largest-power-generating-solar-wall-north-america/

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, waves, reinfection, and variant strains:

  • COVID-19 ICU admissions in Ontario reach lowest level since early January, another 42 deaths reported https://toronto.ctvnews.ca/covid-19-icu-admissions-in-ontario-reach-lowest-level-since-early-january-another-42-deaths-reported-1.5772587
  • ‘It's a lot': At least 2M Quebecers infected during fifth wave of COVID-19 pandemic https://globalnews.ca/news/8607701/quebec-2-million-covid-infections-omicron/

• Guidance, Response, and Recovery:

  • COVID-19 Is Over (If You're Rich) https://www.theatlantic.com/international/archive/2022/02/pandemic-easy-for-rich/622041/
  • Ontario ‘not in the clear' to remove COVID vaccine passports, masking as other provinces https://globalnews.ca/news/8606565/ontario-covid-vaccine-passports-masking/
  • Ontario to give out free COVID-19 rapid tests at grocery stores, sources say https://toronto.ctvnews.ca/ontario-to-give-out-free-covid-19-rapid-tests-at-grocery-stores-sources-say-1.5773469
  • Doug Ford fires back after Walmart enforces minimum purchase of $35 for free rapid tests https://toronto.ctvnews.ca/doug-ford-fires-back-after-walmart-enforces-minimum-purchase-of-35-for-free-rapid-tests-1.5774894
  • 3,000 NYC staff face lost jobs over vaccine rules https://www.bbc.co.uk/news/business-60351455
  • New York state to eliminate indoor mask mandate as COVID surge eases https://globalnews.ca/news/8606077/new-york-covid-mask-mandate/

• Treatments, Testing, Triage, Trials, and things we Learned:

  • A Common Over-The-Counter Drug Could Treat Long COVID, Case Study Reports https://www.sciencealert.com/there-s-evidence-antihistamines-may-help-treat-long-covid-symptoms
  • Old drug may have new trick: protecting against COVID-19 lung injury https://scienmag.com/old-drug-may-have-new-trick-protecting-against-covid-19-lung-injury/

• Immunity and Vaccinations:

  • Inhaled vaccine provides protection against COVID-19, according McMaster study https://globalnews.ca/news/8606203/inhaled-vaccine-protection-covid-mcmaster/
  • Things we learned:
  • COVID Smell Loss and Long COVID Linked to Inflammation https://www.scientificamerican.com/article/covid-smell-loss-and-long-covid-linked-to-inflammation1/
  • Concordia researchers find patterns and predictors of physical distancing adherence https://scienmag.com/concordia-researchers-find-patterns-and-predictors-of-physical-distancing-adherence/

• Masks, anti-maskers, distancing, compliance, defiance, and repercussions:

  • The Canadian anti-vaccine mandate protests are causing automakers to cut production https://www.theverge.com/2022/2/11/22929249/canada-anti-vaccine-mandate-trucker-convoy-automakers-factory
  • Ambassador Bridge protest: Truckers block vital Canada-US border crossing https://www.bbc.co.uk/news/world-us-canada-60320874
  • Injunction to end Windsor border protest granted following Ontario court hearing https://windsor.ctvnews.ca/injunction-to-end-windsor-border-protest-granted-following-ontario-court-hearing-1.5777568
  • Ontario declares a state of emergency to end 'siege' in Ottawa and Windsor https://toronto.ctvnews.ca/ontario-declares-a-state-of-emergency-to-end-siege-in-ottawa-and-windsor-1.5777336
  • A Canadian judge has ruled that protesting truckers blocking the streets of Ottawa can't honk their horns for 10 days https://www.businessinsider.com/protesting-ottawa-truckers-banned-from-honking-horns-2022-2
  • Canada bridge protesters cleared by police after a week of disruption https://www.bbc.co.uk/news/world-us-canada-60368408

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• Innovations & Inventions:

  • Newly Invented Catalyst Dramatically Increases The Efficiency of Turning CO2 Into Fuel https://www.sciencealert.com/new-catalyst-turns-co2-into-fuel-1-000-times-more-efficiently-than-before
  • Fusion Power Experiment in The UK Smashes Its Old Record in Major Step Forward https://www.sciencealert.com/european-fusion-facility-smashes-old-record-by-generating-59-megajoules-of-energy
  • 100 Years Ago, a Quantum Experiment Explained Why We Don't Fall through Our Chairs https://www.scientificamerican.com/article/100-years-ago-a-quantum-experiment-explained-why-we-dont-fall-through-our-chairs/
  • An Ancient Geometry Problem Falls to New Mathematical Techniques https://www.quantamagazine.org/an-ancient-geometry-problem-falls-to-new-mathematical-techniques-20220208/
  • Solving Wordle using information theory https://www.youtube.com/watch?v=v68zYyaEmEA

• Other:

  • How Ouka the dog started flying on a paraglider https://www.bbc.co.uk/news/world-europe-60341236
  • It's Official: New Study Shows We Have No Idea What Megalodon Really Looked Like https://www.sciencealert.com/it-s-official-new-study-shows-that-we-have-absolutely-no-idea-what-megalodon-looked-like
  • Underwater Photographer of the Year winner revealed https://www.bbc.co.uk/news/in-pictures-60334402
  • SpaceX loses 40 satellites to geomagnetic storm a day after launch https://www.bbc.co.uk/news/world-60317806
  • James Webb's First Pictures are Out! But it's a Work in Progress https://www.universetoday.com/154497/james-webbs-first-pictures-are-out-but-its-a-work-in-progress/
  • Wow. Parker Solar Probe Took a Picture of the Surface of Venus https://www.universetoday.com/154467/wow-parker-solar-probe-took-a-picture-of-the-surface-of-venus/
  • The Thing About to Crash Into The Moon May Not Be a SpaceX Rocket After All https://www.sciencealert.com/it-might-not-be-a-spacex-rocket-that-s-about-to-hit-the-moon
  • Astronomers Spot The Youngest Pair of Asteroids Ever Discovered in The Solar System https://www.sciencealert.com/we-ve-just-found-a-pair-of-asteroids-that-only-formed-300-years-ago
  • A third world may be orbiting around our closest neighboring star https://www.theverge.com/2022/2/10/22925418/proxima-centauri-d-third-exoplanet-discovery
  • We Have The First Direct Evidence of a White Dwarf Violently Ripping Apart a Planet https://www.sciencealert.com/for-the-first-time-we-ve-caught-the-x-ray-flare-of-a-white-dwarf-devouring-a-planet